История изменений
Исправление neumond, (текущая версия) :
https://wiki.mozilla.org/Security/Sandbox#Linux
Level 1 Many syscalls, including process creation
Level 2 Everything from level 1; Write access to the filesystem (Excludes shared memory, tempdir, video hardware)
Level 3 Everything from level 1-2; Read access to most of the filesystem (Excludes themes/GTK configuration, fonts, shared data and libraries)
Level 4 Everything from level 1-3; Network access including local sockets; System V IPC (Unless fgxlrx or VirtualGL is in use); Uses chroot jail; Uses Unprivileged User Namespaces (if available)
В релизных сборках Level 4
Исходная версия neumond, :
https://wiki.mozilla.org/Security/Sandbox#Linux
Level 1 Many syscalls, including process creation
Level 2 Everything from level 1 Write access to the filesystem (Excludes shared memory, tempdir, video hardware)
Level 3 Everything from level 1-2 Read access to most of the filesystem (Excludes themes/GTK configuration, fonts, shared data and libraries)
Level 4 Everything from level 1-3 Network access including local sockets System V IPC (Unless fgxlrx or VirtualGL is in use) Uses chroot jail Uses Unprivileged User Namespaces (if available)
В релизных сборках Level 4